Legend:

Tracd allows you to run Trac without the need for Apache, but you can take advantage of Apache's password tools (htpasswd and htdigest) to easily create a password file in the proper format for tracd to use in authentication. (It is also possible to create the password file without htpasswd or htdigest; see below for alternatives)

96

97

Make sure you place the generated password files on a filesystem which supports sub-second timestamps, as Trac will monitor their modified time and changes happening on a filesystem with too coarse-grained timestamp resolution (like `ext2` or `ext3` on Linux) may go undetected.

95

Tracd allows you to run Trac without the need for Apache, but you can take advantage of Apache's password tools (`htpasswd` and `htdigest`) to easily create a password file in the proper format for tracd to use in authentication. (It is also possible to create the password file without `htpasswd` or `htdigest`; see below for alternatives)

96

97

{{{#!div style="border: 1pt dotted; margin: 1em"

98

**Attention:** Make sure you place the generated password files on a filesystem which supports sub-second timestamps, as Trac will monitor their modified time and changes happening on a filesystem with too coarse-grained timestamp resolution (like `ext2` or `ext3` on Linux, or HFS+ on OSX).

99

}}}

98

100

99

101

Tracd provides support for both Basic and Digest authentication. Digest is considered more secure. The examples below use Digest; to use Basic authentication, replace `--auth` with `--basic-auth` in the command line.

Basic Authorization can be accomplished via this [http://aspirine.org/htpasswd_en.html online HTTP Password generator] which also supports `SHA-1`. Copy the generated password-hash line to the .htpasswd file on your system. Note that Windows Python lacks the "crypt" module that is the default hash type for htpasswd ; Windows Python can grok MD5 password hashes just fine and you should use MD5.

174

175

You can use this simple Python script to generate a '''digest''' password file:

Basic Authorization can be accomplished via this [http://aspirine.org/htpasswd_en.html online HTTP Password generator] which also supports `SHA-1`. Copy the generated password-hash line to the .htpasswd file on your system. Note that Windows Python lacks the "crypt" module that is the default hash type for htpasswd. Windows Python can grok MD5 password hashes just fine and you should use MD5.

176

177

Trac also provides `htpasswd` and `htdigest` scripts in `contrib`:

178

{{{#!sh

179

$ ./contrib/htpasswd.py -cb htpasswd user1 user1

180

$ ./contrib/htpasswd.py -b htpasswd user2 user2

181

}}}

182

183

{{{#!sh

184

$ ./contrib/htdigest.py -cb htdigest trac user1 user1

185

$ ./contrib/htdigest.py -b htdigest trac user2 user2

213

186

}}}

214

187

215

188

==== Using `md5sum`

216

189

It is possible to use `md5sum` utility to generate digest-password file: